exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam

Exam CISA topic 1 question 573 discussion

Actual exam question from Isaca's CISA
Question #: 573
Topic #: 1
[All CISA Questions]

An IS auditor performs a follow-up audit and learns the approach taken by the auditee to fix the findings differs from the agreed-upon approach confirmed during the last audit. Which of the following should be the auditor's NEXT course of action?

  • A. Inform senior management of the change in approach.
  • B. Conduct a risk analysis incorporating the change.
  • C. Report results of the follow-up to the audit committee.
  • D. Evaluate the appropriateness of the remedial action taken.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
EK24
Highly Voted 2 years, 11 months ago
I think it's between D and B. I would go with D.
upvoted 14 times
Clair665
2 years, 9 months ago
I would choose D
upvoted 4 times
...
...
gmutonyi
Highly Voted 2 years, 9 months ago
D. Evaluate the appropriateness of the remedial action taken.
upvoted 6 times
...
3008
Most Recent 3 months, 2 weeks ago
Selected Answer: D
as an IS auditor, it is important to evaluate the remedial action taken by the auditee to ensure that it is appropriate and effective. The auditor should examine the changes made by the auditee to determine whether they adequately address the findings from the previous audit.
upvoted 1 times
...
spar2kle
5 months, 2 weeks ago
Selected Answer: D
If the auditee has deviated from the agreed-upon approach to fixing the issues, it's important to take action to ensure that the situation is resolved in a way that is satisfactory for the organization. In this case, I believe that the best course of action is D - evaluate the appropriateness of the remedial action taken. The auditor can then report the results of the follow-up audit, which may include informing management and/or the audit committee.
upvoted 1 times
...
A_Salem
2 years, 5 months ago
For any question asking requirements (SHOULD, BEST action) check the ITAF Standards. For any question asking steps (FIRST, NEXT action) check ITAF Guidelines. From ITAF-4th-Edition, statement 2402.7.4 As part of the follow-up activities, practitioners should evaluate whether unimplemented recommendations are still relevant or have a greater significance. The correct answer is D. Evaluate the appropriateness of the remedial action taken.
upvoted 3 times
...
Chandz
2 years, 9 months ago
Since it has been fixed, we have to verify the fix but not the approach to fix. therefore submit the results..
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago